- <?php
- /***********************************************************
- * Onderwijs Service Centrum - © Alle rechten voorbehouden *
- ***********************************************************
- * Ontwikkeld door - ICT IDCollege, Zotermeer *
- ***********************************************************/
- /*
- * mainFunctions class
- */
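/**
 * mainFunctions - session login/logout plus CRUD helpers for the OSC site.
 *
 * The class opens the MySQL connection in its constructor, keeps the login
 * state in $_SESSION, reads and writes the `afspraken` table, looks up rows in
 * `student` and creates rows in `users`. Most methods read $_POST / $_GET
 * directly and echo their result or error message.
 *
 * Security notes for maintainers:
 *  - Every request value is SQL-escaped right where the statement is built and
 *    every database value is HTML-escaped right where markup is built. The two
 *    encodings are not interchangeable: strip_tags()/htmlspecialchars() do not
 *    protect a query, and mysql_real_escape_string() does not protect HTML.
 *  - ext/mysql was removed in PHP 7. The next step is PDO or mysqli with
 *    prepared statements; the escaping below is the interim measure.
 *  - mysql_real_escape_string() is only reliable when the connection character
 *    set was set with mysql_set_charset(). NOTE(review): no charset is set in
 *    this file - confirm what the data uses and set it explicitly.
 *  - Passwords are stored with password_hash() (needs PHP >= 5.5).
 *    NOTE(review): assumes `users`.`password` can hold 255 characters - confirm
 *    the column width before deploying.
 *  - NOTE(review): none of the data methods checks $this->logged and no
 *    anti-CSRF token is verified here; presumably the calling pages do both -
 *    verify against the callers.
 */
class mainFunctions {
    var $logged;
    var $ID;
    var $data;
    var $reden;
    var $dossiernr;
    var $soort_beg;
    var $name;
    var $email;
    var $username;
    var $password;
    var $p_conf;
    var $phone;
    var $addr;
    var $school;
    var $tutor;
    var $administrator;
    var $select_SQL;
    var $insert_SQL;
    var $update_SQL;
    var $row;
    var $result;
    var $success;
    var $error;
    var $ovnr;
    var $ot;
    var $DB;
    // Properties the methods below assign; previously created on the fly.
    var $date;
    var $naam;
    var $adres;
    var $postcode;
    var $woonplaats;
    var $geslacht;
    var $geb_datum;
    var $telnr;
    var $nationaliteit;
    var $in_ned_sinds;
    var $opleiding;
    var $kwalificatieplichting;
    var $klas;
    var $onderwijsteam;

    /**
     * Constructor (PHP 4 style name, kept so existing callers and subclasses
     * keep working): connects to MySQL, selects the database and refreshes
     * $this->logged from the session.
     */
    function mainFunctions() {
        // NOTE(review): credentials are hard-coded and the password is trivially
        // guessable. Load them from configuration kept outside the web root and
        // version control, and rotate them - this file has been published.
        $dbhost = "localhost";
        $dbusername = "nbakker1_root";
        $dbuserpass = "12345";
        $dbname = "nbakker1_osc";

        $dbconnect = mysql_connect($dbhost, $dbusername, $dbuserpass);
        if ($dbconnect === false || !mysql_select_db($dbname, $dbconnect)) {
            // Keep driver details in the server log, not in the response.
            error_log('mainFunctions: database connection failed: ' . mysql_error());
            die($this->error = 'Syntax error');
        }
        $this->__checkLogin();
    }

    /**
     * Returns a request value as a string, or '' when the key is missing or the
     * client sent an array for it.
     */
    private function _input($source, $key) {
        return (isset($source[$key]) && is_scalar($source[$key])) ? (string) $source[$key] : '';
    }

    /**
     * Escapes a value for use in HTML text or a quoted attribute.
     * NOTE(review): assumes the pages are served as UTF-8 - confirm.
     */
    private function _html($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    }

    /**
     * Runs a statement and returns its result. On failure the driver message is
     * written to the server log and the script ends with the generic message,
     * so schema and query details are not disclosed to the client.
     */
    private function _runQuery($sql) {
        $result = mysql_query($sql);
        if ($result === false) {
            error_log('mainFunctions: query failed: ' . mysql_error());
            die($this->error = 'Syntax error');
        }
        return $result;
    }

    /**
     * Checks a submitted password against the stored value.
     *
     * Accepts password_hash() output and, as a transition, the unsalted MD5
     * written by the previous __createAccount(). Rows that hold a plaintext
     * password are not accepted and need a reset.
     */
    private function _passwordMatches($plain, $stored) {
        if (!is_string($stored) || $stored === '') {
            return false;
        }
        if (password_verify($plain, $stored)) {
            return true;
        }
        if (preg_match('/^[0-9a-f]{32}$/i', $stored)) {
            // Same derivation the old account code used: MD5 of the escaped input.
            $legacy = md5(mysql_real_escape_string($plain));
            $stored = strtolower($stored);
            return function_exists('hash_equals') ? hash_equals($stored, $legacy) : $stored === $legacy;
        }
        return false;
    }

    /**
     * Limits a post-login redirect to this site: a relative URL, or an absolute
     * http(s) URL whose host equals the current Host header. Anything else
     * falls back to index.php.
     */
    private function _safeRedirectTarget($target) {
        $fallback = 'index.php';
        if (!is_string($target)) {
            return $fallback;
        }
        $target = trim($target);
        // Control characters and backslashes are never needed in a local URL.
        if ($target === '' || preg_match('/[\x00-\x1f\x7f\\\\]/', $target)) {
            return $fallback;
        }
        $parts = parse_url($target);
        if ($parts === false) {
            return $fallback;
        }
        if (!isset($parts['scheme']) && !isset($parts['host'])) {
            // "//host/path" is protocol-relative, not local.
            return (strpos($target, '//') === 0) ? $fallback : $target;
        }
        if (!isset($parts['scheme'], $parts['host'], $_SERVER['HTTP_HOST'])
            || !in_array(strtolower($parts['scheme']), array('http', 'https'), true)) {
            return $fallback;
        }
        $authority = $parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : '');
        return (strcasecmp($authority, $_SERVER['HTTP_HOST']) === 0) ? $target : $fallback;
    }

    /**
     * Login: validates $_POST['username'] / $_POST['password'], fills the
     * session and redirects to the stored referer.
     *
     * The row is selected by username only and the password is verified in PHP,
     * so the submitted password never becomes part of a query. The plaintext is
     * not kept in $this->password.
     */
    function __login() {
        $username = $this->_input($_POST, 'username');
        $password = $this->_input($_POST, 'password');
        $this->username = mysql_real_escape_string($username);

        // Both fields are required.
        if (empty($username) || empty($password)) {
            echo $this->error = 'Alle velden zijn verplicht!';
            return;
        }

        $this->select_SQL = "SELECT userid, username, password, level FROM `users` WHERE username='" . $this->username . "'";
        $this->result = $this->_runQuery($this->select_SQL);
        $row = (mysql_num_rows($this->result) == 1) ? mysql_fetch_assoc($this->result) : false;

        if (!$row || !$this->_passwordMatches($password, $row['password'])) {
            echo $this->error = 'Gebruikersnaam en/of wachtwoord onjuist!';
            return;
        }

        // The hash is not needed after verification; do not carry it around.
        unset($row['password']);
        $this->row = $row;

        // New session id at the privilege change, so an id planted before login
        // cannot be reused afterwards.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['ID'] = $row['userid'];
        $_SESSION['level'] = $row['level'];
        $_SESSION['username'] = $row['username'];
        $_SESSION['login'] = TRUE;
        $this->ID = $row['userid'];
        $this->logged = TRUE;

        $referer = isset($_SESSION['referer']) ? $_SESSION['referer'] : '';
        header("Location: " . $this->_safeRedirectTarget($referer));
    }

    /**
     * Sets $this->logged from the session. The session counts as logged in only
     * when 'login' is exactly TRUE, 'username' is a string and 'level' is numeric.
     */
    function __checkLogin() {
        $this->logged = isset($_SESSION['login'], $_SESSION['username'], $_SESSION['level'])
            && $_SESSION['login'] === TRUE
            && is_string($_SESSION['username'])
            && is_numeric($_SESSION['level']);
    }

    /**
     * Logout: clears the login keys and redirects to logout.php, or to index.php
     * when there was no login to clear.
     */
    function __logout() {
        // isset() instead of truthiness: a user whose level is 0 must be able to
        // log out as well.
        if (!empty($_SESSION['login']) && isset($_SESSION['username'], $_SESSION['level'])) {
            // 'ID' is removed too; other methods write it into new rows.
            unset($_SESSION['login'], $_SESSION['username'], $_SESSION['level'], $_SESSION['ID']);
            header('Location: logout.php');
        } else {
            header('Location: index.php');
        }
    }

    /**
     * Make appointment: stores $_POST['datum'] and the current user's id on the
     * `afspraken` row selected by $_GET['id'].
     */
    function __maakAfspraak() {
        $this->date = mysql_real_escape_string($this->_input($_POST, 'datum'));
        $this->dossiernr = mysql_real_escape_string($this->_input($_GET, 'id'));

        if (empty($this->date)) {
            echo $this->error = 'Vul aub een datum in.';
            return;
        }

        $oscId = mysql_real_escape_string($this->_input($_SESSION, 'ID'));
        $this->insert_SQL = "UPDATE `afspraken` SET datum_afspraak = '$this->date', osc_id = '" . $oscId . "' WHERE dossiernr = '" . $this->dossiernr . "'";
        $this->result = $this->_runQuery($this->insert_SQL);
        echo $this->success = 'Afspraak successvol gemaakt!';
    }

    /**
     * Make appointment form: returns the HTML form for the `afspraken` row
     * selected by $_GET['id'], or '' when there is no such row.
     */
    function __maakAfspraakForm() {
        $dossiernr = mysql_real_escape_string($this->_input($_GET, 'id'));
        $this->select_SQL = "SELECT * FROM afspraken WHERE dossiernr = '" . $dossiernr . "' LIMIT 1";
        $this->result = $this->_runQuery($this->select_SQL);

        $return = "";
        if (mysql_num_rows($this->result) > 0) {
            $data = mysql_fetch_object($this->result);
            // PHP_SELF contains client-supplied path info, so it is escaped like
            // any other value that ends up in the markup.
            $return = "<form method=\"POST\" action=\"" . $this->_html($_SERVER['PHP_SELF']) . "?pagina=afspraak&actie=maken&id=" . $this->_html(urlencode($data->dossiernr)) . "&1\">"
                ." <table border=0 cellspacing=4 cellpadding=2>"
                ." <tr><td>OV-nummer:</td><td>" . $this->_html($data->ovnr) . "</td></tr>"
                ." <tr><td>Soort begeleiding:</td><td>" . $this->_html($data->soort_beg) . "</td></tr>"
                ." <tr><td>Vraag/probleem/doel:</td><td>" . $this->_html($data->reden) . "</td></tr>"
                ." <tr><td>Datum:</td><td><input type=\"text\" name=\"datum\" value=\"" . date("Y-m-d H:i:s") . "\" /></td></tr>"
                ." <tr><td> </td><td><input type=\"submit\" name=\"submit_afspraakmaken\" value=\"Maak afspraak\" /></td></tr>"
                ." </table>"
                ."</form>";
        }
        return $return;
    }

    /**
     * Displays all appointments (rows that have an appointment date) as a table.
     */
    function __showAfspraak() {
        $this->select_SQL = "SELECT * FROM afspraken WHERE datum_afspraak != '0000-00-00 00:00:00' ORDER BY dossiernr DESC";
        $this->result = $this->_runQuery($this->select_SQL);

        if (mysql_num_rows($this->result) == 0) {
            echo "U heeft geen afspraken op dit moment.";
            return;
        }

        $return = "<table border=1 cellspacing=0 cellpadding=3>"
            ." <tr>"
            ." <td>OV-nummer:</td>"
            ." <td>Soort begeleiding:</td>"
            ." <td>Vraag/opmerking/doel:</td>"
            ." <td>Datum:</td>"
            ." </tr>";
        while ($data = mysql_fetch_object($this->result)) {
            // The cells hold text that users typed in; escape before output.
            $return .= " <tr>"
                ." <td>" . $this->_html($data->ovnr) . "</td>"
                ." <td>" . $this->_html($data->soort_beg) . "</td>"
                ." <td>" . $this->_html($data->reden) . "</td>"
                ." <td>" . $this->_html($data->datum_afspraak) . "</td>"
                ." </tr>";
        }
        $return .= "</table>";
        echo $return;
    }

    /**
     * Create a registration: inserts a row into `afspraken` from $_POST['ovnr'],
     * $_POST['reden'] and $_POST['soort_beg'] for the logged-in user.
     */
    function __makeMelding() {
        $this->date = date('Y-m-d H:i:s');
        $this->ovnr = mysql_real_escape_string($this->_input($_POST, 'ovnr'));
        $this->tutor = mysql_real_escape_string($this->_input($_SESSION, 'ID'));
        $this->reden = mysql_real_escape_string($this->_input($_POST, 'reden'));
        $this->soort_beg = mysql_real_escape_string($this->_input($_POST, 'soort_beg'));

        // An empty tutor means there is no session user id, i.e. nobody is logged in.
        if (empty($this->tutor) || empty($this->ovnr) || empty($this->reden) || empty($this->soort_beg)) {
            echo $this->error = 'Alle velden zijn verplicht!';
            return;
        }

        $this->insert_SQL = "INSERT INTO `afspraken` (datum_aanmelding, aanmelder_id, ovnr, osc_id, reden, soort_beg) VALUES ('$this->date', '$this->tutor', '$this->ovnr', '$this->tutor', '$this->reden', '$this->soort_beg')";
        $this->result = $this->_runQuery($this->insert_SQL);
        echo $this->success = 'Afspraak successvol gemaakt!';
    }

    /**
     * Shows registrations as a table.
     *
     * With a numeric $id: the rows whose osc_id equals $id, without an action
     * link. Otherwise: the rows that have no appointment date yet, each with a
     * link to make the appointment.
     */
    function __showMeldingen($id = "") {
        $forAccount = is_numeric($id);
        if ($forAccount) {
            $this->select_SQL = "SELECT * FROM afspraken WHERE osc_id = '" . mysql_real_escape_string((string) $id) . "' ORDER BY dossiernr DESC";
        } else {
            $this->select_SQL = "SELECT * FROM afspraken WHERE datum_afspraak = '0000-00-00 00:00:00' ORDER BY dossiernr DESC";
        }
        $this->result = $this->_runQuery($this->select_SQL);

        if (mysql_num_rows($this->result) == 0) {
            echo $forAccount
                ? "Er zijn geen afspraken met dit account gemaakt."
                : "Er zijn geen aanmeldingen op dit moment.";
            return;
        }

        $return = "<table border=1 cellspacing=0 cellpadding=3>"
            ." <tr>"
            ." <td>OV-nummer:</td>"
            ." <td>Soort begeleiding:</td>"
            ." <td>Melder:</td>"
            ." <td>Datum:</td>"
            ." <td>Actie:</td>"
            ." </tr>";
        while ($data = mysql_fetch_object($this->result)) {
            $return .= " <tr>"
                ." <td>" . $this->_html($data->ovnr) . "</td>"
                ." <td>" . $this->_html($data->soort_beg) . "</td>"
                ." <td>" . $this->_html($data->aanmelder_id) . "</td>"
                ." <td>" . $this->_html($data->datum_aanmelding) . "</td>";
            if (!$forAccount) {
                $return .= " <td><a href=\"?pagina=afspraak&actie=maken&id=" . $this->_html(urlencode($data->dossiernr)) . "\">Maak afspraak</a></td>";
            } else {
                $return .= " <td><small><i>Geen acties beschikbaar</i></small></td>";
            }
            $return .= " </tr>";
        }
        $return .= "</table>";
        echo $return;
    }

    /**
     * Search for a student by $_POST['ovnr'] and copy the columns of the match
     * onto this object. $this->data holds the row, or false when none matched.
     *
     * The values are stored as they come from the database; escape them with
     * htmlspecialchars() at the point where they are printed.
     */
    function __searchStudents() {
        $this->ovnr = trim(strip_tags($this->_input($_POST, 'ovnr'))); // the OV number
        $this->select_SQL = "SELECT * FROM `student` WHERE `ovnummer`='" . mysql_real_escape_string($this->ovnr) . "' LIMIT 1";
        $this->result = $this->_runQuery($this->select_SQL);

        // LIMIT 1: fetch once. Fetching once and then looping, as before, left
        // the loop with nothing to read.
        $this->data = mysql_fetch_assoc($this->result);
        if (!is_array($this->data)) {
            return;
        }

        $fields = array(
            'naam', 'adres', 'postcode', 'woonplaats', 'geslacht', 'email',
            'geb_datum', 'telnr', 'nationaliteit', 'in_ned_sinds', 'opleiding',
            'kwalificatieplichting', 'klas', 'onderwijsteam',
        );
        foreach ($fields as $field) {
            $this->$field = isset($this->data[$field]) ? $this->data[$field] : null;
        }
    }

    /**
     * Create own account: inserts a row into `users` from $_POST['username'],
     * 'password', 'p_conf', 'ot' and 'email'.
     *
     * The two passwords are compared as submitted, before hashing, and the
     * required-field check also runs on the submitted values (a hash is never
     * empty). $this->password and $this->p_conf hold the hash afterwards.
     */
    function __createAccount() {
        $username = $this->_input($_POST, 'username');
        $password = $this->_input($_POST, 'password');
        $confirm = $this->_input($_POST, 'p_conf');
        $this->ot = trim(strip_tags($this->_input($_POST, 'ot')));
        // Stored HTML-encoded, as before, so pages that print it keep working.
        $this->email = htmlspecialchars($this->_input($_POST, 'email'));

        if ($password !== $confirm) {
            echo $this->error = 'Wachtwoorden niet gelijk!';
            return;
        }
        if (empty($username) || empty($password) || empty($this->ot) || empty($this->email)) {
            echo $this->error = 'Alle velden zijn verplicht!';
            return;
        }

        $this->username = mysql_real_escape_string($username);
        $this->password = password_hash($password, PASSWORD_DEFAULT);
        $this->p_conf = $this->password;

        $this->insert_SQL = "INSERT INTO `users` (username, password, ot, email) VALUES ('"
            . $this->username . "', '"
            . mysql_real_escape_string($this->password) . "', '"
            . mysql_real_escape_string($this->ot) . "', '"
            . mysql_real_escape_string($this->email) . "')";
        $this->result = $this->_runQuery($this->insert_SQL);

        echo $this->success = 'Het account is successvol aangemaakt!';
        echo $this->success = '<a href="index.php" name="Homepage">Ga naar index</a>';
    }
}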
// Initialise the shared helper object; constructing it opens the database
// connection and refreshes the login state.
$mainFunctions = new mainFunctions();
- ?>